我利用 JWT 官网提供的 Java 模块,写了个加密和解密token的例子。这个例子使用Maven管理项目,源代码共包含三个文件:Encrypt.java、Decrypt、Main.java
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>zhangchao</groupId>
<artifactId>testJavaJwt</artifactId>
<version>0.0.1-SNAPSHOT</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.1.0</version>
</dependency>
</dependencies>
</project>
Encrypt.java
package zhangchao;
import java.io.UnsupportedEncodingException;
import java.util.Date;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTCreationException;
/**
* 加密
* @author 张超
*
*/
public final class Encrypt {
/**
* 生成加密后的token
* @param isVip 是不是VIP,true表示是VIP,false表示不是VIP。
* @param username 用户名
* @param name 姓名
* @return 加密后的token
*/
public String getToken(final boolean isVip, final String username,
final String name) {
String token = null;
try {
Date expiresAt = new Date(System.currentTimeMillis() + 24L * 60L * 3600L * 1000L);
token = JWT.create()
.withIssuer("auth0")
.withClaim("isVip", isVip)
.withClaim("username", username)
.withClaim("name", name)
.withExpiresAt(expiresAt)
// 使用了HMAC256加密算法。
// mysecret是用来加密数字签名的密钥。
.sign(Algorithm.HMAC256("mysecret"));
} catch (JWTCreationException exception){
//Invalid Signing configuration / Couldn't convert Claims.
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return token;
}
}
Decrypt.java
package zhangchao;
import java.io.UnsupportedEncodingException;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
/**
* 解密
* @author 张超
*
*/
public final class Decrypt {
/**
* 先验证token是否被伪造,然后解码token。
* @param token 字符串token
* @return 解密后的DecodedJWT对象,可以读取token中的数据。
*/
public DecodedJWT deToken(final String token) {
DecodedJWT jwt = null;
try {
// 使用了HMAC256加密算法。
// mysecret是用来加密数字签名的密钥。
JWTVerifier verifier = JWT.require(Algorithm.HMAC256("mysecret"))
.withIssuer("auth0")
.build(); //Reusable verifier instance
jwt = verifier.verify(token);
} catch (JWTVerificationException exception){
//Invalid signature/claims
exception.printStackTrace();
} catch (IllegalArgumentException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return jwt;
}
}
Main.java
package zhangchao;
import com.auth0.jwt.interfaces.DecodedJWT;
public class Main {
public static void main(String[] args) {
// 生成token
Encrypt encrypt = new Encrypt();
String token = encrypt.getToken(true, "zhangchao", "张超");
// 打印token
System.out.println("token: " + token);
// 解密token
Decrypt decrypt = new Decrypt();
DecodedJWT jwt = decrypt.deToken(token);
System.out.println("issuer: " + jwt.getIssuer());
System.out.println("isVip: " + jwt.getClaim("isVip").asBoolean());
System.out.println("username: " + jwt.getClaim("username").asString());
System.out.println("name: " + jwt.getClaim("name").asString());
System.out.println("过期时间: " + jwt.getExpiresAt());
}
}